Method for guarding against side channel attack virtual machine in cloud computing environment

A cloud computing environment and side-channel attack technology, applied in the field of cloud computing and network security, can solve problems such as failure to effectively prevent side-channel attacks, attacks, user privacy and data security hazards, and achieve simple detection and analysis algorithms Effective, safe and accurate

Active Publication Date: 2012-12-26
SOUTHEAST UNIV
View PDF2 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] To sum up, side channel attacks have caused great harm to user privacy and data security, and provided opportunities for malicious users to attack other users on the cloud platform.
However, the research on side-channel attacks has just started, and there is no effective method to prevent side-channel attacks.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for guarding against side channel attack virtual machine in cloud computing environment
  • Method for guarding against side channel attack virtual machine in cloud computing environment
  • Method for guarding against side channel attack virtual machine in cloud computing environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The technical solution of the present invention will be described in detail below in conjunction with the drawings.

[0027] Such as Figure 2 to Figure 4 As shown, a method for preventing side-channel attacks on virtual machines in a cloud computing environment of the present invention includes the following steps:

[0028] Step 1) According to the behavior characteristics of the virtual machine performing the bypass attack and the behavior characteristics of the ordinary virtual machine, the behavior data of all virtual machines in the execution cycle of the data center is collected in real time.

[0029] In step 1), the behavior data of all virtual machines includes the resource usage characteristics of the virtual machine and the behavior characteristics of the user operating the virtual machine. The resource usage characteristics of the virtual machine include the peak usage rate of the virtual machine's CPU and the collection period. The average usage rate of the vir...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for guarding against a side channel attack virtual machine in a cloud computing environment. The method comprises the following steps of: step 1) acquiring the behavior data of all the virtual machines in an execution cycle of a data center in real time according to the behavior characteristics of the virtual machine executing side channel attacks and the behavior characteristics of a normal virtual machine; step 2) classifying the behavior data of all the virtual machine acquired in real time in the step 1) by a Bayes method, and obtaining the high, intermediate, low, or extremely low security trust level of each virtual machine; and step 3) reading the security trust levels of all the virtual machines in the current data center topology, migrating the threatening virtual machines in the current environment, and placing the virtual machines with different security trust levels in different physical hosts. The method physically isolates the malicious users from the normal users, thereby terminating the behaviors of the side channel attack virtual machines and protecting the data security and privacy security of the virtual machines in the cloud computing environment.

Description

technical field [0001] The invention relates to the fields of cloud computing and network security, in particular to a method for preventing side-channel attack virtual machines in a cloud computing environment. Background technique [0002] Cloud computing is a computing model that uses the Internet to access shared resource pools anytime, anywhere, on demand, and conveniently. The essence of cloud computing is sharing. Through cloud computing, users can quickly apply for or release resources according to their business load, and pay for the resources used in an on-demand manner, which improves service quality and reduces operation and maintenance costs. [0003] Cloud computing services can generally be divided into Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as a Service (IaaS) according to their different abstraction levels. Among them, platform as a service means that operators provide a software development and deployment environmen...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 东方罗军舟沈典
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap